
Repeated requests at port 10169

I have been hanging around antionline for a while trying to learn a little about computer security and how to apply it to my own box, but I am new to this, so please bear with me.

My ISP uses rotating IPs and I have been monitoring the requests I receive in my ZoneAlarm log. Usually they appear to be more or less random background noise or requests associated with P2P programs, but occasionally I will receive repeated access attempts from the same source or from a few different sources on the same port, even though the port doesn't seem to be associated with anything in particular. Here is the latest :

Some basic googling shows that no-one else (at least with a high google page ranking) has much clue what that port is commonly used for either...so it's probably NOT commonly used for much. (P.S. good basic reference for TCP/UDP port numbers/application reference http://www.iana.org/assignments/port-numbers )

I know that there was a version of Ethereal released by Check Point that was supposed to work through their Secure Client host-firewall; of course it didn't work for me, YMMV.

I would suggest using a Live CD to boot the computer and run Ethereal from there, if you're concerned about connecting your PC without a local firewall.

You could also go do some research on different host firewalls and Ethereal, and see if one of them will work but allow ethereal to catch all traffic; I doubt it, but it's entirely possible. I think a Live CD (google for Knoppix or Live CD) is your best bet.

"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

However, you will notice that the source and destination reports for 10169 are pretty equal.

Quitmzilla is a Firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

If nothing is running on that port then set the router to forward it to your internal address, fire up Ethereal and make yourself a capture. No harm can come because the port is closed.

Don't SYN us.... We'll SYN you..... "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

Tiger, (s)he doesn't seem to have a router, it's a ZoneAlarm FW. And I think their concern with bringing down ZA is not specifically with this probe, but the general nastiness one is exposed to when surfing 'naked'.

Haha, a new phrase! "Surf Naked", I like it!


Not a clue. Personally (and no offense hesperus), I think it's pretty delinquent to use only a host based firewall, and I've not been a user of Zone Alarm for over 3-4 years, so I don't know what it is capable of. I would *THINK* it is pretty robust, seeing as how Check Point recently bought them and are integrating a lot of their solutions with ZA.

But you know what happens when we start thinking...similar to what happens when we ASSUME something.

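Added example, not part of the thread or written by any poster: one way to pull the pattern the original post describes (repeated blocked inbound requests to one port from one or a few sources) out of a firewall log. The comma-separated line layout, the sample lines and the function names are assumptions constructed for illustration, so adjust the field positions to match your own log file.

```python
import csv
from collections import defaultdict

# Constructed sample lines. The layout (direction, date, time, source ip:port,
# destination ip:port, protocol) is an assumption; addresses are documentation ranges.
SAMPLE_LOG = """\
FWIN,2005/06/01,10:00:01 -5:00 GMT,198.51.100.7:4312,192.0.2.10:10169,TCP (flags:S)
FWIN,2005/06/01,10:00:04 -5:00 GMT,198.51.100.7:4312,192.0.2.10:10169,TCP (flags:S)
FWIN,2005/06/01,10:00:10 -5:00 GMT,198.51.100.7:4312,192.0.2.10:10169,TCP (flags:S)
FWIN,2005/06/01,10:02:30 -5:00 GMT,203.0.113.44:2201,192.0.2.10:10169,UDP
FWIN,2005/06/01,10:03:00 -5:00 GMT,203.0.113.44:2201,192.0.2.10:10169,UDP
FWIN,2005/06/01,10:05:12 -5:00 GMT,203.0.113.90:1045,192.0.2.10:445,TCP (flags:S)
FWOUT,2005/06/01,10:06:00 -5:00 GMT,192.0.2.10:1100,198.51.100.7:80,TCP (flags:S)
PE,2005/06/01,10:07:00 -5:00 GMT,browser.exe,198.51.100.7:80,N/A
FWIN,2005/06/01,10:08:00 -5:00 GMT,garbled
"""

def split_endpoint(text):
    """Split 'ip:port' into (ip, port); raise ValueError if malformed."""
    ip, _, port = text.rpartition(":")
    if not ip:
        raise ValueError(text)
    return ip, int(port)

def repeated_probes(log_text, min_hits=3):
    """Return {dest_port: {source_ip: hits}} for blocked inbound ports
    that were hit at least min_hits times in total."""
    per_port = defaultdict(lambda: defaultdict(int))
    for row in csv.reader(log_text.splitlines()):
        if len(row) < 6 or row[0] != "FWIN":
            continue  # skip outbound entries, program events and truncated lines
        try:
            src_ip, _ = split_endpoint(row[3])
            _, dst_port = split_endpoint(row[4])
        except ValueError:
            continue  # entries without a usable ip:port pair
        per_port[dst_port][src_ip] += 1
    return {port: dict(srcs) for port, srcs in per_port.items()
            if sum(srcs.values()) >= min_hits}

if __name__ == "__main__":
    for port, srcs in sorted(repeated_probes(SAMPLE_LOG).items()):
        print(port, srcs)
```

A port that shows up here with many hits from one or two sources is the one worth capturing with a sniffer, as the replies suggest.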